What is Cryptography? Definition: The science or study of the techniques of secret writing, esp. code and cipher systems, methods, and the like Google Image search for cryptography →

Cryptanalysis A system is “broken” if there exists a technique to decrypt a message that is at all faster than brute-force A larger keyspace is always more secure Trade-offs exist with large keys i.e. if you need a 3 million bit key to guarantee 100% security but a 256 bit key gives you 99%...

Models of Attackers Ciphertext only attack (weakest system) –Can discern the key from only 1 ciphertext Known plaintext attack –Has both the unencrypted and encrypted message Chosen plaintext attack –Can chose the message and see the encrypted version Chosen text attack (strongest system) –Can select message OR ciphertext at will

Classical Cryptography Time period: 4500 BC – 1946ish Stenography (sort of) Substitution Ciphers (and Vigènere Ciphers) One Time Pad Transposition Ciphers Polyalphabetic Ciphers Codes All WWII crypto systems (Enigma, Purple, etc) Modern systems are distinguished by use of mathematical systems and proofs of security

One-Time Pad XOR a message with a random key of the same length Provably secure! Given any ciphertext of length m it can be decrypted to every message of length m Key can only be used once (or it is broken) Difficult to distribute keys

Substitution (Caesar) Cipher OS IS NEARLY OVER = QY AY MCKBXW QZCB ROT-13 Vulnerable to frequency analysis – ciphertext only attack succeeds nopqrstuvwxyz mqvdbyouzfpwh abcdefghijklm kijnctesalrxg

WWII Crypto: Engima A rotor style machine Key is how to set the rotors, reflector and the plugboard Keyspace ≈ First computer, Colossus, built in Bletchley Park by Alan Turing’s team to perform cryptanalysis on Enigma. Biggest weakeness was operator error

Modern Cryptography: DES Adopted by NIST as national standard in 1976 Developed by IBM as the Lucifer cipher A block cipher based on Feistel S-boxes

DES Structure

DES Problems 56-bit keys = broken in less than 24 hours Also vulnerable to chosen plaintext attacks Triple DES – run DES 3 times over the message with 2 different keys – is still practically secure Replaced with AES in 2002

Public Key: RSA Select two large primes, p and q. N = pq Φ(N)=(p-1)(q-1) (the # of #’s relatively prime to N) Select random E in [1, Φ(N)–1] Publish E and N -> public key ED = 1 mod Φ(N) -> D is the private key Encryption: C = M E modN Decryption: M = C D modN

RSA - Continued Can do digital signatures (sign your outgoing message with your private key, then their public key) Exponentiation is computationally expensive Most frequently used as a method for exchanging keys for a symmetric system Many other public key systems, el-gamal, elliptic curves etc.

Cryptographic Hash Functions One-way functions used as a checksum Important features: –“Impossible” to invert –Error-propagation –Fast –Few input collisions MD5 (128 bits, 1996), SHA-1 (160 bits, 2005), SHA-256, SHA-512

Key Distribution Diffie-Hellman Key Exchange Link-encryption End-to-end encryption Key distribution center Couriers Pigeons

Diffie-Hellman Key Exchange (1976) Relies on difficulty of modular logarithms Secure if g and p are chosen well (can be chosen in advance)

Link-Encryption Encrypts and decrypts all traffic at each communication link Advantage: Each user needs to manage only 1 key Disadvantage: You must be able to trust the links. Not realistic.

End-To-End Encryption Encrypted by sender with receiver’s key Advantage: Ensures privacy of the message contents Disadvantage: Requires each user to manage O(n) keys and system has O(n 2 ) keys total

Key Distribution Center Trusted third party See Kristen’s presentation!

Future Directions Quantum cryptography - can guarantee no eavesdropper. Creates a secure channel for exchanging keys. Identity-based encryption - your name is your public key. Eliminates key distribution problem. I ♥ MBC